Conversation

Notices

1. Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:30:54 JST Moon
   hours later i give up, i cannot figure out how to extract the stubs from a yubikey onto a new machine so i can pgp sign things. every command on the internet does not work.
   • Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:30:52 JST Moon

     in reply to

     • Himbo Techbro
     @r000t don't bother. I'll just generate new keys at some point, it's just a pain because I'm using the key right now as an SSH key. also macos is a joke, I have experienced so many problems that indicate a deep failure to understand developer workflow
     matrix07012 :thotpatrol: :cunnyEmpire: likes this.
   • Himbo Techbro (r000t@ligma.pro)'s status on Sunday, 23-Apr-2023 07:30:53 JST Himbo Techbro

     in reply to

     @Moon
     Aaaaand that was gonna be my advice.

     Try it in WSL? I just got a new key and need to set it up from scratch on a fresh Windows anyway so I'll keep notes for you.

   • Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:30:53 JST Moon

     in reply to

     • Himbo Techbro
     @r000t I'm on mac now.
   • Himbo Techbro (r000t@ligma.pro)'s status on Sunday, 23-Apr-2023 07:30:53 JST Himbo Techbro

     in reply to

     @Moon sux. I can spin up a hackintosh and give it a go later on if you need though.

     I recall having to do things in the following order:
     1) Generate private key on-device
     2) Export a CSR
     3) Sign it with CA (if applicable)
     4) Load the resulting cert onto the device, which does not erase the private key

   • Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:30:54 JST Moon

     in reply to
     "just use gpg --card-edit it will re-add the stubs" "sometimes it won't, run this command" "operation not supported by device"
     
     also gnupg is 1980's-era software usability.
   • Himbo Techbro (r000t@ligma.pro)'s status on Sunday, 23-Apr-2023 07:31:03 JST Himbo Techbro

     in reply to

     @Moon Apple marketing material expressing "productivity" always shows goofy high-school tier projects/notes or video/photo editing. Maybe SketchUp if they're feeling super boring. Apple products are not tools, they are toys. They are some of the most secure toys you can buy, but at the end of the day they *are* toys.

     My missing Yubikey served *all* of these roles (FIDO, SSH, OpenPGP) at the same time, the OpenPGP was simply used by the SSH agent.

     The `gpg --card-edit` every time the device is inserted is a real thing tho, btw. At least on Windows. Linux I believe needs udev rules and I got no idea what BSD/MacOS wants.

     matrix07012 :thotpatrol: :cunnyEmpire: likes this.
   • Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:31:03 JST Moon

     in reply to

     • Himbo Techbro
     @r000t apples are good just not so much for hardcore dev. maybe webdev. but i have to jump through hoops to do almost anything i want to do.
     matrix07012 :thotpatrol: :cunnyEmpire: likes this.
   • Himbo Techbro (r000t@ligma.pro)'s status on Sunday, 23-Apr-2023 07:31:20 JST Himbo Techbro

     in reply to

     @Moon
     Yeah that's why they invented Docker. On every OS that's not Linux, Docker runs inside a Linux VM. This makes everything Just Work, but it also makes a great place to hide malware.

     matrix07012 :thotpatrol: :cunnyEmpire: likes this.
   • Moon (moon@shitposter.club)'s status on Sunday, 23-Apr-2023 07:31:20 JST Moon

     in reply to

     • Himbo Techbro
     @r000t maybe i'll install the vmware player and just use linux all day
     matrix07012 :thotpatrol: :cunnyEmpire: likes this.